Imagine this: I hand you a paper stock certificate, and you hand me a wad of cash. No broker, no exchange—just two people, in-person, one security, one transaction. Under U.S. federal securities laws, this peer-to-peer (P2P) transaction is entirely lawful. There is no need to have it transacted through an intermediary, registered with the SEC, reported, or surveilled.
Now imagine that same transaction, but done digitally. Instead of paper, I send you a tokenized version of that stock via a smart contract on a decentralized blockchain network. No third parties, no clearinghouse, just software facilitating the trade. Functionally, nothing has changed — the transaction is still P2P. In theory, this should mean it receives the same hands-off treatment from regulators. But is that the case in practice?
The answer carries profound implications, and not just for crypto. The legal status of P2P digital transactions also matters for privacy, individual autonomy, technological innovation, and the limits of government oversight in a digital world.
The SEC’s Expanding Perimeter
Federal securities laws are primarily concerned with intermediaries, public offerings, and fraud. The SEC’s jurisdiction hinges not just on what is being transacted, but how and by whom. Most notably, anyone that handles securities transactions can potentially be designated an exchange or a broker, while offering securities to the public may require you to register those assets with the SEC.
Historically, this meant that purely bilateral exchanges between individuals—especially those that occur outside of the public markets—generally fall outside the SEC’s jurisdiction.
Decentralized finance technology, or DeFi, challenges that paradigm by enabling P2P securities transactions to occur at scale and with unprecedented automation. Users can now transfer crypto assets, and potentially tokenized equities, directly to one another via smart contracts, sometimes with the click of a button. This can take the form of an automated market maker, where users trade against a pool of liquidity governed by a pricing algorithm; a peer-matching protocol, which enables users to create and fill signed orders off-chain and settle them on-chain; or smart contract-based escrow and atomic swaps, which implement smart contracts that allow conditional execution.
These DeFi tools offer the promise of marvelous new trading efficiencies coupled with unprecedented transparency and record-keeping. But at their foundation, transactions using these tools are simply a high tech version of me handing you a stock certificate in return for cash.
Despite this parallel, the SEC has moved to treat DeFi transactions as though they belong to the legal regime of exchanges and brokers. This would be a mistake.
When it comes to figuring out rules for these platforms, the guiding principle should be one of technological neutrality. Regulation should focus on function, not form. If the same economic activity is permissible in the physical world, then the use of new tools to facilitate that activity should not, by itself, trigger additional regulatory burdens.
This is not to say that all DeFi activity is beyond the reach of securities law. If a platform intermediates trades, pools liquidity, has control or discretion over assets, or plays a role akin to a traditional financial institution, then there may well be a legal basis for oversight. But when two individuals use software to exchange digital representations of securities in a direct, automated, and non-custodial way, the SEC’s legal basis becomes far more tenuous.
A Broader Question of Government Reach
This isn’t just about securities law. As technology empowers individuals to transact and communicate in increasingly decentralized ways, these new tools raise familiar legal questions about how to balance government power and individual freedom.
Consider the “third-party doctrine” in privacy law, which holds that individuals lose their expectation of privacy when information is voluntarily shared with third parties (like banks or telecom providers). This once-narrow exception has ballooned in the digital age, where people’s lives increasingly move online, and nearly all online activity involves intermediaries. As a result, courts have struggled to reconcile the doctrine with modern expectations of privacy and constitutional protections under the Fourth Amendment.
A similar tension is playing out in financial regulation. DeFi challenges the assumption that financial activity must always be routed through a gatekeeper. If technology now enables parties to engage in direct financial transactions without intermediaries in the middle, does the state retain the same justification—and authority—to regulate that activity as if those institutions were still involved?
What we need is a principled framework—one that respects individual autonomy, preserves market integrity, and draws clear lines about where government power begins and ends. We must recognize that, while it may be tempting, just because new technology makes it possible to regulate private activity doesn’t mean it is appropriate to do so. A principled framework should also not pick winners and losers—if DeFi potentially represents a superior model that could replace, or supplement, key components of our existing financial system, that should not be a reason to regulate it out of fear.
Crypto didn’t invent peer-to-peer finance; it just removes the friction. Instead of automatically trying to fit innovative technologies into legacy frameworks, regulation should adapt.
This story was originally featured on Fortune.com
Recent Comments